Hello everybody. I'm new to Kerio Control and I like it a lot so far. I'm trying to use Kerio's "require users to be authenticated to access web pages" option as my captive portal. I've integrated Kerio with an Active Directory and I pull authentication credentials from there. Is there a way to force authentication for users that connect through a specific interface/VLAN only?

For example:
Suppose my setup is Single Internet Link > 2 LAN interfaces (1 for the computers connected via ethernet cable and the other one for the WiFi devices). I would like the captive portal to work only for devices which access the internet through WiFi.

When you enable this option, it applies to all local networks (except guest interfaces). However, you can build a policy that does NOT require authentication for specific networks. You can do this in the content filter. Create a rule where the detected content is 'any', the source is an IP address group that includes anyone that does not need to authenticate, and for the action you allow the traffic and check the box to not require authentication.

However, in your case I suggest a slightly different approach. Since you want to apply authentication only to a wireless LAN, I suggest to not use the "require users to be authenticated" option. Rather, you should use RADIUS (WPA2-enterprise). This option will force users of your wireless network to authenticate with their credential immediately when joining the wireless LAN, rather than after they join. WPA2-enterprise is a much more secure and manageable approach. http://kb.kerio.com/1648

Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of
information.